I have not been able to determine from MS-CIFS and MS-SMB how the
client can determine whether the server supports "raw ntlmssp"
(ntlmssp, not encoded in spnego).
MS-CIFS section 3.2.4.2 does indicate some of the processing during
authentication, and does indicate differences between ntlm and ntlmv2,
but does not indicate when "raw ntlmssp" can be used. Similarly
section 3.2.4.2 of MS-SMB mentions authentication, and note 86
mentions spnego, but does not indicate how the client determines
whether it can or should send the ntlm/ntlmv2 hash encapsulated in
"raw ntlmssp" - especially for the case when extended security is not
requested.
--
Thanks,
Steve